Thursday, November 22, 2007

Basic DNS Server - BIND

Hi friends,

This article gives the basic configuration of a BIND DNS server on a Linux distribution. In this example I have used the chroot BIND package.

1. Install the DNS Package
(either regular BIND or with BIND chroot):
Check whether it is already installed with the command

# rpm -qa | grep bind
ypbind-1.19-7.el5
bind-chroot-9.3.3-7.el5
bind-libs-9.3.3-7.el5
bind-utils-9.3.3-7.el5
bind-9.3.3-7.el5

2. Services:

# chkconfig --list | grep named
# chkconfig --level 345 named on
# /etc/init.d/named start|stop|status|restart or
# service named start|stop|status|restart

3. Firewall - open dns Port:

Open TCP and UDP port 53 in the firewall for inbound DNS name resolution.

4. vi /etc/hosts:

Set a proper name for the DNS server host as shown below

127.0.0.1 dns1 localdomain.localhost localhost dns1.example.com

5. Common location of dns configuration files:

In regular BIND server
named.conf file --> /etc/named.conf
zone files --> /var/named/
In chroot BIND server
named.conf file --> /var/named/chroot/etc/named.conf
zone files --> /var/named/chroot/var/named/

6. Getting the Test Sample File:
Find the sample configuration files using the locate command, e.g.:

# locate named.conf
# locate .zone

7. For simpler configuration create a symbolic link as

# ln -s /var/named/chroot/etc/named.conf /etc/named.conf

8. Configuring: /etc/named.conf

// options for configuring the forwarders
options {
    forwarders { 200.200.200.200; };
    statistics-file "/var/named/data/named_stats.txt";
    dump-file "/var/named/data/cache_dump.db";
    directory "/var/named";
};
// root hints details
zone "." {
    file "/var/named/named.root";
    type hint;
};
// Forward lookup zone details
zone "example.com" IN {
    type master;
    file "example.com.zone";
    allow-update { none; };
};
// reverse lookup zone details
zone "10.168.192.in-addr.arpa" IN {
    type master;
    file "10.168.192.zone";
    allow-update { none; };
};
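
The options block in step 8 sets no allow-recursion or allow-transfer, and BIND's default for allow-transfer is any host, so once port 53 is open inbound, anyone who can reach the server can request the full zone. An added example (not part of the original post) of the same options block with access controls; the ACL name "trusted" and the 192.168.10.0/24 range, taken from the zone data, are assumptions:

```conf
// Added example, not from the original post. The ACL name "trusted" and the
// 192.168.10.0/24 range (taken from the zone data in steps 9-10) are assumptions.
acl "trusted" {
    127.0.0.1;
    192.168.10.0/24;
};

options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    forwarders { 200.200.200.200; };

    // Answer queries, and recurse/forward, only for the local network,
    // so the open port 53 cannot be used as an open resolver.
    allow-query     { trusted; };
    allow-recursion { trusted; };

    // Refuse zone transfers (AXFR); list secondary servers here if any exist.
    allow-transfer  { none; };

    // Do not reveal the BIND version in response to version.bind queries.
    version "not disclosed";
};
```

Running named-checkconf -t /var/named/chroot /etc/named.conf before restarting named catches syntax errors in the edited file.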

9. Configuring: /var/named/chroot/var/named/example.com.zone

# vi /var/named/chroot/var/named/example.com.zone

$ORIGIN example.com.
$TTL 86400
@       IN  SOA   dns1.example.com. hostmaster.example.com. (
                  2002022401 ; serial
                  3H         ; refresh
                  15M        ; retry
                  1W         ; expiry
                  1D )       ; minimum

; a blank owner field (leading whitespace) reuses the previous owner, here the zone apex
        IN  NS    dns1.example.com.

        IN  MX    10 mail.example.com.

        IN  A     192.168.10.1

dns1    IN  A     192.168.10.1
server2 IN  A     192.168.10.2
client1 IN  A     192.168.10.3

server1 IN  CNAME dns1
; an MX target must be an address record, not a CNAME (RFC 2181)
mail    IN  A     192.168.10.2

10. Configuring: /var/named/chroot/var/named/10.168.192.zone

# vi /var/named/chroot/var/named/10.168.192.zone

$ORIGIN 10.168.192.in-addr.arpa.
$TTL 86400
@       IN  SOA   dns1.example.com. hostmaster.example.com. (
                  2002022401 ; serial
                  3H         ; refresh
                  15M        ; retry
                  1W         ; expiry
                  1D )       ; minimum

        IN  NS    dns1.example.com.

; PTR targets need the trailing dot, otherwise $ORIGIN is appended to them
1       IN  PTR   dns1.example.com.
2       IN  PTR   server2.example.com.
3       IN  PTR   client1.example.com.

11. Restart the "named" service.

12. Client side configuration :

In Linux Client:

# vi /etc/resolv.conf

nameserver 192.168.10.1
domain example.com

In Windows Client:

Set the preferred DNS server to the DNS server's IP address (192.168.10.1).

13. Check the name resolution with the following tools:
nslookup
host
dig

Thanks

Logu
logu_microsoft@hotmail.com
91-98414-99143
